Blue Team Tools

Blue Team, Blue Team Tools, How-To, Informational, Jordan Drysdale

Parsing Sysmon Logs on Microsoft Sentinel

Jordan Drysdale // Tl;dr: Many parsers have been written and several are referenced here. This blog describes a simple parser for Sysmon logs through Event ID (EID) 28 for Microsoft […]

Read the entire post here

Author, Blue Team, Blue Team Tools, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Jordan Drysdale Azure, defense, Detection, doazlab.com, Impacket, Jordan Drysdale

Impacket Defense Basics With an Azure Lab

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]

Read the entire post here

Author, Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, How-To, Hunt Teaming, Informational, InfoSec 101, Jordan Drysdale ARM Templates, Attribution, Detection, Engineering, Geopolitics, hunting, Microsoft Sentinel

Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel

Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]

Read the entire post here

Author, Backdoors & Breaches, Blue Team, Blue Team Tools, Corey Ham, Fun & Games, Hal Denton, How-To, Informational, Jason Blanchard, Kiersten Gross, Noah Heckman, Troy Wojewoda, Webcasts

How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity

Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it? We created an incident response card […]

Read the entire post here

Author, Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, Hunt Teaming, Informational, Jordan Drysdale Jordan Drysdale

The Azure Sandbox – Purple Edition

Jordan Drysdale // Azure has replaced AWS in my personal development pipeline. This may sound crazy but hear me out. Microsoft has solidified its offerings, done nothing but improve its […]

Read the entire post here

Backdoors & Breaches, Blue Team, Blue Team Tools, Fun & Games, Informational

Backdoors & Breaches LIVE – 5/19/2021

Join our Incident Master Ean Meyer as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Blue Team, Blue Team Tools, How-To, Informational, InfoSec 101, Michael Allen Michael Allen

Is This Thing On?

How to make sure your antivirus is working without any malware Michael Allen // Recently, a customer asked me if there was a way they could generate alerts from the new antivirus product they deployed without executing any actual […]

Read the entire post here

Author, Blue Team, Blue Team Tools, Informational, John Strand, Webcasts

Webcast: Ok, Let’s Talk About Ransomware

This is a joint emergency webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand. There have been a couple […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

00466_06052020_WebcastBlueTeamPerspective

Author, Blue Team, Blue Team Tools, How-To, Hunt Teaming, Informational, InfoSec 101, Jordan Drysdale, Kent Ickler, Red Team, Red Team Tools, Webcasts Blue Team, Jordan Drysdale, Kent Ickler, Red Team, Red Team vs. Blue Team

Webcast: A Blue Team’s Perspective on Red Team Hack Tools

Kent and Jordan are back to continue their journey to make the world a better place. This time around, they will be reviewing a series of tools commonly used on […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

1 2 3 4